Technical Information
- [<HKCU>\software\microsoft\windows\currentversion\Run] 'RealmonB' = '%APPDATA%\RealmonB\RealmonB.exe'
- Windows Firewall
- Windows Update
- Windows Security Center
- Windows Defender
- <SYSTEM32>\msiexec.exe
- %APPDATA%\realmonb\realmonb.exe
- '85.##9.213.210':53
- '<SYSTEM32>\msiexec.exe'